William On Sun, 2008-01-06 at 09:36 -0500, William Ottley wrote: > Now I don't want the realservers sending back to the CIP directly, > because this will expose the IP of the realserver, which I can't have.
You have fundamentally misunderstood something here - and this isn't LVS, it's TCP/IP. When the replies to the client leave the realserver in a DR setup, the source IP address is the VIP. If it was the realserver's IP address the TCP connection would never complete and the client would not be able to connect at all. This is why each realserver needs a loopback alias (in standard practice) of all the VIPs it is serving. Without that, nothing will work. > So, in essence, the LVS has to be a GW for all the traffic. is this > possible? It is, but it isn't necessary. > better yet, if I create an LVS with just 1 nic, and if the realserver > sends directly to the CIP: would doing a tracedump, or a network > sniffer who the realserver IP? Step away from the problem ;-) If I were you I'd strip this right back to basics. Get a single director and a single realserver setup, then get a single client from outside the same networks to talk to it. Build from there. Graeme _______________________________________________ LinuxVirtualServer.org mailing list - [email protected] Send requests to [EMAIL PROTECTED] or go to http://lists.graemef.net/mailman/listinfo/lvs-users
